W3C home > Mailing lists > Public > public-privacy@w3.org > October to December 2012

Re: privacy definitions -- was: WebID questions

From: Kingsley Idehen <kidehen@openlinksw.com>
Date: Thu, 18 Oct 2012 07:54:46 -0400
Message-ID: <507FEE06.10706@openlinksw.com>
To: David Singer <singer@apple.com>
CC: public-privacy list <public-privacy@w3.org>, WebID XG <public-xg-webid@w3.org>
On 10/18/12 3:12 AM, David Singer wrote:
> On Oct 17, 2012, at 19:50 , Kingsley Idehen <kidehen@openlinksw.com> wrote:
>
>> On 10/17/12 2:17 AM, David Singer wrote:
>>> On Oct 16, 2012, at 20:40 , Henry Story <henry.story@bblfish.net> wrote:
>>>
>>>> But that is not yet transparency I am looking for. Because you could go to a site and click mistakenly on "accept cookies forever", and you could easily forget about it later. What is
>>>> needed I was arguing is the ability to be able to see in your URL bar that you are using cookies
>>>> and be able to switch it off easily. Then you would be made aware constantly of your identity at
>>>> a site.
>>> The problem is that many, if not most, sites use cookies, and a warning that is almost always on gets ignored.
>>>
>> David,
>>
>> Yes, and that's a function of the current UI/UX patterns. The very patterns that Henry is trying to bring to the attention of browser developers. Fixing existing broken UI/UX patterns are the key to bringing the "identity" issue into clearer context for browser users.
>>
>> To conclude, this is a problem that can be solved by browser vendors stepping to the plate and delivering functionality desperately sought (knowingly or unknowingly) by browser users. There are no browser users that seek to knowingly compromise their rights to online privacy.
>
> I think we are at cross-purposes.  You seem to be making the rough suggestion that browser vendors aren't indicating which sites set cookies because they want to drag their feet, rather than responding to my point.
>
> To reiterate:
> a) a warning that a site uses cookies will rapidly be ignored, and hence useless and meaningless to users (who takes any notice of a red lamp that's always on?)
> b) the more problematic uses of cookies are from sites that are not the primary one the user visits, and a warning that comes on when *any* site included in the page uses them is almost certain to come on 99% of the time
> c) many cookies are nothing to do with privacy
>
> David Singer
> Multimedia and Software Standards, Apple Inc.
>
>
>

I am talking about "identity" and all of the constituent aspects 
relevant to browsers.

Cookies are identifiers, they are part of the "identity matrix" .

Privacy is ultimately about self calibration of one's vulnerability. 
This fundamental principle is realm agnostic.

A browser should put me in position to know:

1. my current login identity at any given point in time
2. nature of all identifiers used to construct my identity -- this 
includes cookies.

The browser has all the data, it just needs to improve the UI/UX based 
on a better understanding and appreciation of identity, in a manner 
that's fully controlled by the end-user.

We can only start solving this problem by accepting the fact that 
end-users should possess full control over their identity when working 
with browsers. We should be rapidly moving away from today's 
surreptitious identity patterns which operate of the false assumption 
that the browser application developers know best, when in fact they don't.

Identity is inherently nebulous. Thus, it's always best controlled by 
the Referent (ultimately an end user) of identifiers.

-- 

Regards,

Kingsley Idehen	
Founder & CEO
OpenLink Software
Company Web: http://www.openlinksw.com
Personal Weblog: http://www.openlinksw.com/blog/~kidehen
Twitter/Identi.ca handle: @kidehen
Google+ Profile: https://plus.google.com/112399767740508618350/about
LinkedIn Profile: http://www.linkedin.com/in/kidehen







Received on Thursday, 18 October 2012 11:55:11 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Thursday, 18 October 2012 11:55:11 GMT